A fork of pappy proxy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

61 lines
1.5 KiB

import os
9 years ago
9 years ago
from .pappy import session
def from_file(fname, intro=False):
# Ignores lines until the first blank line, then returns every non-blank
# line afterwards
9 years ago
full_fname = os.path.join(session.config.pappy_dir, 'lists', fname)
with open(full_fname, 'r') as f:
d = f.read()
lines = d.splitlines()
# Delete until the first blank line
if intro:
while lines and lines[0] != '':
lines = lines[1:]
# Generate non-blank lines
for l in lines:
if l:
yield l
def fuzz_path_trav():
"""
Fuzz common values for path traversal.
"""
for l in from_file('path_traversal.txt', True):
yield l
def fuzz_sqli():
"""
Fuzz common values that could cause sql errors
"""
for l in from_file('fuzzdb/attack/sql-injection/detect/xplatform.fuzz.txt'):
yield l
def fuzz_xss():
"""
Fuzz values for finding XSS
"""
for l in from_file('fuzzdb/attack/xss/xss-rsnake.fuzz.txt'):
yield l
def common_passwords():
"""
List common passwords
"""
for l in from_file('fuzzdb/wordlists-user-passwd/passwds/phpbb.txt'):
yield l
def common_usernames():
"""
List common usernames
"""
for l in from_file('fuzzdb/wordlists-user-passwd/names/namelist.txt'):
yield l
def fuzz_dirs():
for l in from_file('fuzzdb/discovery/predictable-filepaths/filename-dirname-bruteforce/raft-small-directories.txt'):
yield l